Russia's election hack is a serious threat to US democracy

This article is the first in a series on the "Future of Politics" that investigates the effects of election 2016 on the future of policy, parties, candidates, campaign style and the overall political environment going forward.

Verbal attacks in politics are nothing new.

Cyber-attacks are.

Indeed, election 2016 could be considered a turning point in the history of America's electoral process as brazen hacks on the Democratic National Committee and Clinton campaign chair John Podesta, carried out by Russia, according to the Obama administration, were "intended to interfere with the U.S. election process."

The attacks that Hillary Clinton has blamed in part on her Electoral College loss to Donald Trump raise a critical question: will cyber-attacks targeting political organizations and prominent political players become the new normal?

I fear the answer is yes.

Though Trump has so far denied Russian involvement, prominent politicians on both sides of the aisle are calling for an investigation. That's a crucial step going forward. To better prepare for the possibility of cyber-assaults on our voting outcomes, we need to understand what sort of tactics were used in past attacks and what kind of new malicious strategies might we see in future. And we must devise strategies to counter them.

In cyberspace, the past is prelude to the future. The DNC hacks are a prime example of efforts to alter election outcomes without having to tamper with voting machines themselves. This case illustrates what happens when information is disclosed that undermines the credibility of an institution, in this case the Democratic Party.

Some of the hackers behind DNC attack may have had access to the organization's network for about a year according to DNC officials, giving them ample time to hunt for the most damaging documents without fear of detection.

Now is the time to guard against subterranean attacks that could be going on in other political organizations and structures, from state capitals to the U.S. Capitol.

Creating "fake news" is another type of voter manipulation aimed at influencing public opinion. Independent researchers claim the Russians were behind the creation of a number of misleading articles with the goal of harming the Clinton campaign, including bogus pieces about Hillary's fatal health problems, using botnets, networks of websites and social media accounts to distribute them.

Facebook, a major disseminator of fake news during the election, is taking steps to limit distribution on its site. Other sites must follow its lead.

"We can expect a repeat performance of attacks designed to alter election outcomes, in one form or another. That's the history of cyber-security; there is always more to come."

Other potential strategies for altering voter outcomes include gaining access to election databases so hackers can quietly attain personal information like emails and telephones numbers, which can then be used to manipulate voters.

What's more, hackers could delete names of voters from voter registration lists specifically from those demographic groups or socioeconomic strata more likely to vote for one candidate than the other.

Has this ever happened? It's not clear, but in August 2016, the FBI said it uncovered evidence that state election databases in Arizona and Illinois may have been hacked. In Illinois, hackers associated with foreign actors are suspected of downloading personal data on up to 200,000 state voters.

States must fortify their systems against hacking and remain vigilant to any breaches. Russian hackers gained access to the DNC's and Podesta's systems through simple phishing attempts, according The New York Times. Educating users is one simple way to prevent such breaches in the future.

Hacking into the voting machines themselves is certainly the most chilling of all scenarios, though the evidence that this actually occurred is inconclusive at best.

Prominent computer scientists have claimed that presidential voting results in Wisconsin, Michigan, and Pennsylvania could have been hacked and urged the Clinton Campaign to challenge election results in all three swing states.

Other arguments suggest that evidence of tampering with electronic voting machines is thin. Part of the thinking is that the machines could not have been hacked, primarily because they are not connected to the internet.

Truth is, regarding claims that electronic ballots are not connected to the internet: it actually doesn't matter. Clever hackers have successfully penetrated such "air-gapped" devices in the past, through what the cyber community calls an "insider attack." One malicious employee or contractor can penetrate a device by plotting from within. With a willing insider, an internet connection is irrelevant. Think Edward Snowden.

Again, the issue is still open, but there is a strong case to be made for carrying out an investigation, to conclusively determine the integrity of voting outcomes, and, perhaps equally as important, to figure out what sort of techniques were used – if tampering is discovered – so we can better protect the integrity of voting systems in the future. State level actors are certainly the most sophisticated, often using large numbers of attack vectors over long periods of time, so the importance of analyzing and understanding their patterns is mandatory for creating equally if not more sophisticated defense strategies moving forward.

We can expect a repeat performance of attacks designed to alter election outcomes, in one form or another. That's the history of cyber-security; there is always more to come. It will likely come from the same hacker groups and use similar tactics, techniques and procedures (TTPs), with some advanced variations we haven't seen yet.

The best way to keep safe is by studying previous attack patterns, turning diverse threats into a common language so that security professionals can "read" what is happening, no matter what the source. This will protect our democratic system because it allows threats to be instantly understood and proactively managed.

It also means upping cooperation at national, state and local levels. Since voting is always done at a local level, and since local authorities certainly don't have the resources to fend off malicious campaigns backed at state-levels, then more needs to be done to provide resources and know-how from the top down.

All of this becomes even more important as we strive more and more to utilize technology to encourage voter accessibility. E-voting encourages more participation but also widens potential attack vectors and raises risk. How do we maximize access while at the same time guaranteeing security? These are issues we need to continue grappling with.

The bottom line is that as dangerous as actual attempts to compromise voter outcome are, the perception that voting results are flawed is also capable of delegitimizing the democratic process. If citizens believe the vote has been rigged, then why bother voting at all? The future of democracy will be in balancing voter access with the integrity of the system – and cyber-security will play an enormous role in this reconciliation.

Commentary by Avi Chesla, CEO and Founder of empow, a cyber security company. Prior to empow, Avi was CTO and vice president of security products at Radware, where he was responsible for defining and leading the company's strategic technology roadmap and vision including the foundation and management of Radware's Security Division, a provider of cyber-attack mitigation solutions. Chesla has authored a number of articles for major publications on advanced network behavioral analysis, expert systems and information security and has earned numerous patents in these areas. Follow him on Twitter @cheslaavi.